Freedom of Information/Privacy
Freedom of Information and Privacy legislation is complex. For institutions that fall under FOIP legislation like the Access to Information Act (ATIA), the Freedom of Information and Protection of Privacy Act (FIPPA), or the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA), consequences non-compliance can be severe, from fines to litigation and bad press. Our years of hands-on experience with the Acts means that Seshat can assist your institution in meeting compliance: from training and policy development to assistance with facilitating FOI requests and appeals.
Records and Information Management
Managing information in the 21st century sometimes seems like a near-impossible feat. While we continue to rely on paper documents for many of our operations, the proliferation of electronic records in various formats (email, text messages, databases, etc.) increases at a rapid pace. Seshat can help your institution to develop strategies to manage your records and information based on tested and tried best practices.
The Personal Health Information Protection Act (PHIPA) sets very strong compliance requirements for protecting health information in Ontario: increased fines and the mandatory reporting of privacy breaches are now law. Seshat can assisting in helping your organization to meet compliance standards, through staff training and policy development, Privacy Impact Assessments (PIAs), privacy audits, and the implementation of privacy breach protocol.
PIPEDA (Personal Information Protection and Electronic Documents Act), which applies to Canada’s private sector businesses, is undergoing significant revisions, inspired largely by Europe’s GDPR (see below). Proposed changes will focus on updating the Act to ensure that it reflects the current privacy environment. If you’re not sure if your organization is ready to meet the proposed enhanced compliance standards, such as implementing a Privacy by Design approach into your services, let’s talk.
GDPR (General Data Privacy Regulation)
What is the GDPR and does it apply to me?
If you process the personal data of European residents, then the GDPR applies to you. The GDPR represents an enhanced privacy framework that will need to be implemented in your organization that doesn’t end with appointing a DPO (Data Protection Officer). A full privacy management program is required, including everything from policy and training to a privacy breach response plan.
Seshat specializes in solutions for local municipalities. We know that smaller municipalities often don’t have the time, resources, or expertise to find solutions for their information problems. We can help! No matter how large or small your issues are, we’ll work with you for the best possible outcome.
Seshat is available to assist in content development for your policies, manuals, website and other professional publications.
Privacy Safety for Families
Being advocates for privacy means that Seshat cares about the privacy choices our children make. From social media to texting to sharing information, we are concerned about protecting children’s vulnerability. Seshat is available to speak at your school, community centre or other venue about keeping our kids safe.